CVE-2010-2942

Priority

Low

Description

The actions implementation in the network queueing functionality in theLinux kernel before 2.6.36-rc2 does not properly initialize certainstructure members when performing dump operations, which allows local usersto obtain potentially sensitive information from kernel memory via vectorsrelated to (1) the tcf_gact_dump function in net/sched/act_gact.c, (2) thetcf_mirred_dump function in net/sched/act_mirred.c, (3) the tcf_nat_dumpfunction in net/sched/act_nat.c, (4) the tcf_simp_dump function innet/sched/act_simple.c, and (5) the tcf_skbedit_dump function innet/sched/act_skbedit.c.

Ubuntu-Description

Eric Dumazet discovered that many network functions could leak kernel stackcontents. A local attacker could exploit this to read portions of kernelmemory, leading to a loss of privacy.